Collaborate Disseminate
I recently recalled a memory of when I had once, a fair while ago, accidentally tried to login to the wrong (mistyped) SSH server, and it allowed me access without the correct credentials: null authentication.
I thought nothing of it at th… Continue reading Could there be a legitimate reason for a SSH server to allow null authentication, to anyone?
According to this answer from a question:
when you press Ctrl+Alt+Del, you can be sure that you’re typing your password in the real login form and not some other fake process trying to steal your password.
But let’s say an attacker clone… Continue reading What stops malicious code spoofing a Ctrl+Alt+Del login form by allowing only part of the phrase?
The Pairwise-Master-Key (PMK) is the foundation key of encrypted communication on nearly all WPA WiFi networks, including WPA2-Enterprise networks.
Typically, the PMK rekey interval for personal networks is around 2-3 hours.
But how often … Continue reading How often should a WPA2-Enterprise PMK be rekeyed in a high security, large corporate network? [closed]
On several occasions, I’ve been connected to a WPA2-PSK network, but where the key isn’t stored on my device at all.
But since you don’t need to re-enter it every time you re-connect, how is a user allowed to connect?
As far as I’m aware, persistence cookies are only encrypted in transit (HTTPS), but aren’t inherently encrypted while being stored locally on the user’s device.
Assuming a certain persistence cookie can be used to fully authenticate login,… Continue reading Why aren’t persistence cookies locally stored in an encrypted state?
Various tools, such as WAFW00F, can be used to detect the presence, and often even the type, of WAF deployed on a website.
And according to this article:
[WAF fingerprinting] works by analysing the responses received from a target web app… Continue reading Is WAF fingerprinting a security threat, and can it be obfuscated?
After running XSStrike on example.com/example?example= (for the parameter example), it is certain (10/10 certainty) that the payload %3Chtml%3E%3Cscript%20onpointerenter%3Dconfirm()%3E%3C%2Fscript%3E is an XSS vulnerability.
URL-decoded, t… Continue reading How can tell where this XSS payload gets triggered?
Let’s say, hypothetically, that a recent investigation showed that over 100,000 Brand-A IoT devices are part of a massive international botnet.
Can I, without being a specialist, identify whether my IoT device is part of the botnet in ques… Continue reading How can I identify whether my IoT device is part of a botnet? [closed]
Are router admin-panel passwords hashed? Do they need to be?
Am I right to think that that the only way an attacker could extract a router password (hashed or not) from the router is have physical access to the router in question?
If someo… Continue reading Are router admin-panel passwords hashed? Do they need to be?
Private Access Tokens (PATs) are Apple-exclusive tokens that have many “password replacement” uses, such as automatically authenticating CloudFare’s Captchas.
Another example is GitHub account authentication.
But is the actual token itself… Continue reading Is the Private Access Token itself the only thing needed to authenticate a service?